Home
Details
Lectures

Reference

Schedule & Lectures

Tentative schedule, and subject to change at any time.

Time Topic Lectures & Readings Labs
Sep 8 Overview Lecture: Overview Lab 1: Buffer Ovewflows
sep 9 Buffer overflow Lecture: buf overflow

Prepare: read Smashing The Stack For Fun And Profit
Homework: question 		 
sep 15 Stack Protection Lecture: Stack guard, stack shield, NXstack

Prepare: read StackGuard
read Four different tricks to bypass StackShield and StackGuard protection
Homework: question 		 
sep 16 Ret-to-libc Lecture: ret-to-libc

Prepare: READ Bypassing non-executable-stack during exploitation using return-to-libc
(Question)
sep 22 GOT Hijacking Lecture: GOT

Prepare: read How to hijack the Global Offset Table with pointers for root shells
Homework: question 		Lab 2: Return-to-libc
sep 23 Integer Overflow Lecture: integer

Prepare: read Basic Integer Overflows
read Nearly All Binary Searches and Mergesorts are Broken
Homework: Question 		 
sep 29 Format string attack Lecture: string

Prepare: read Exploiting Format String Vulnerabilities
(Question)
sep 30 Heap overflow Lecture: heap

Prepare: read w00w00 on Heap Overflows
read Once upon a free() (Optional)
read Heap spraying demystified (Optional)
Homework: Question 		Lab 3: Privilage Separation
oct 13 Unix Security Basics LEC: Files

Prepare: READ Setuid Demystified
(Question) 		 
Sep. 12 Set-uid Vulnerability LEC: set-uid (also prof. Du's note)

Prepare: READ How To Write a Setuid Program
(Question) 		 
sep. 17 Binary Injection LEC: ELF injection

Prepare: READ UNIX VIRUSES
READ ELF Documentation (Optional)
READ x86 disassembly (Optional)
READ x86 Assembly (in ATT syntax) (Optional)
(Question) 		 
oct. 15 Race condition LEC: race

Prepare: READ Prevent race conditions
(Question) 		Lab 4: Authentication
oct. 16 Anti Disassembly LEC: Anti disassembly

Prepare: READ Anti-disassembly
(Question) 		 
oct. 17 Anti-Debugging LEC: Anti debugging

Prepare: READ Anti Anti Debugging
READ Playing with ptrace, and part II
(Question) 		 
oct. 22 Anti-Virtual Machine LEC: anti-vm

Prepare: READ Attacks on Virtual Machine Emulators
READ Anti Virtual Machines and Emulations (Optional)
READ VMWare (Optional)
(Question) 		 
oct. 23 Fault Isolation LEC: sfi

Prepare: READ Efficient Software-Based Fault Isolation
(Question) 		 
oct. 24 Trojan Horse LEC: trojan

Prepare: READ Reflections on Trusting Trust
(Question) 		 
nov. 11 Final exam 9:30--11:30, Room 101 of MinXue Building